METHOD OF AUTHENTICATING OR "DIGITALLY SIGNING" DIGITAL DATA OBJECTS



TECHNICAL FIELD OF THE INVENTION 

indicia of authenticity into a data object. 



or 



BACKGROUND OF THE INVENTION AND BACKGROUND ART

T...ave..seve^pHo.a„e.p«,o«".S."— "o.o.H«,.se 

..e„.oa.e a ... o... suo. as a — . Cene... speaMn. one 
^.acU»*es.™aseo....ns.a„ce..,.U_.«...*aU.c..e.^^^^^ 

or e,ea.e. A ..-e" o. ' W a — „o.e„c,at».e 

,„.a«a„e.p..oproviaeina.iaofau*e„.oi^of*eaisi«.aata. 

O„.s.«a..,w^*aisc.osesa™e*oaof.,.a...no™aaoc„.en.con.p..^^ 
.^o,.as«..*ea«^en..— ns*e..es.<o„e.Uo.a.eV..)»a«.e^ 

..a pan. w..e a.e. U — ea a . a„a enc^^-S - 

, „„auce a "digitally notarized" document. All that is required to 
combination to produce a oig""' y . , v„ 

.„e t.e document is tHe Ke. to the e„cr,p.o„ tec.mi,ue. T.us, stmp^ 
»,^.*ecode" .he au.he„.,ci.yindic,aort.eunaer,vin.aatao.3ectca„be altered 
or tampered with.

Other solutions complicate this basic scheme

* ^ - Aji&wAW UAAAAWUll VCUV 

the code successfully. For instance, U.S. Patent Number 5,373,561, December 13, 1994 
to Haber et al., periodically re-encrypts the signature data to take advantage of ever- 
increasing computational power and advances in encryption, which also render the 
authentic document more susceptible to alteration, decryption, or tampering as time 
passes. However, if the user neglects to "update" the encryption, the advantage is lost. 

A need exists, therefore, for a method of digitally authenticating a data object that 
is not susceptible to future tampering, yet is sufficiently simple as to be implemented in 
a practical and efficient manner. 
DISCLOSURE OF THE INVENTION

determined by the data object and the signature data.

According to the preferred embodiment of the present invention, the step of
generating the distinct data object is achieved using a hashing algorithm, such as SHA-1.

^eco.d^to.beptefe,.ede.bod,.e„.of.beptese„t— be..at««« 

..e„.a.o„da.a..o.dedb.a.t..edd^pa«..-aa.ao.ec.ttans™.«.^ 
.^dpat...na..ad.ses.otba.o.beda.aob.ect.o^se.e.be— abtyCtbe 



data object 



According to the preferred embodiment of the present invention, the encryption
step is achieved by a symmetric encryption algorithm.

.ccotdins.c.bepte..reden,bodnnen.of.beptesentinvention..bea„tbent.c.^ 

tHe oti^a. data object is conTtnned by tep— . tbe distinct data o^ct b. 
.dendca„yenctyp«n.adataobjectiden.ca.to.eoti.na..senetat.sa«otbetdtst„ct 

a^taobjec and contpaHngd-e second andf^std-stinctdataobiectsf^identtty. 
BRIEF DESCRIPTION OF THE DRAWINGS

Figure 1 is a high-level flow chart depicting the steps of the method according to 
the preferred embodiment of the present invention, and more particularly the steps of 
providing a data object with authentication or signature data.

Figure 2 is a block diagram schematically depicting a portion of the method of 
Figure 1 according to the preferred embodiment of the present invention. 

Figure 3 is a high-level flow chart illustrating the steps of the method according 
to the preferred embodiment of the present invention, and more particularly of the steps 
of authenticating a data object provided with authentication data.

Figure 4 is a block diagram schematically depicting a portion of the method of 
Figure 3 according to the preferred embodiment of the present invention. 



MODE(S) FOR CARRYING OUT THE INVENTION

Referring now to the Figures, and specifically to Figure 1, a high-level flow chart

First, at block 11, a first data object or item is provided by a user or customer of the
method. The data object or item could be a document, drawing, image file, or any item
^..^ent of data that the user desires to provide with the ability to be authenticated or
verified in the future.

At block 13, the data object is combined or associated with signature or
authentication data. The signature or authentication may include the time of creation of
the data object, the name of the author of the object, predetermined characters indicating
the origin of the object, or virtually any other data the user desires to serve as evidence
of authenticity of the underlying data object. According to the preferred embodiment of
the present invention, the authentication data is a "time stamp" that comprises, for
instance, the time and date from the "Atomic Clock" maintained by the United States
Naval Observatory (e.g., 22:13.02; 4 April 1998). The signature or authentication data
is appended, concatenated, or otherwise conventionally combined or associated with the
data object. As discussed in greater detail with reference to Figure 2, the time stamp or
other signature or authentication data is provided by a trusted third party, perhaps the
vendor of the method, who also keeps meticulous records of the method used to combine
or associate the data object with signature or authentication data.

Next, at block 15, the combination of the data object and signature or
authentication data is encrypted using conventional symmetric secret-key, asymmetric
public-key techniques or other combining techniques which use a key known only to the

concatenating a selected, random text or character string to the data object. For maximum 
security, it is preferable that the trusted third-party employ secret-key techniques and 
maintain a record of the encryption technique along with any secret-keys, for future use 
in authentication of the data object. The preferred encryption method or algorithm is 
RC5. 

Finally, at block 17, the encrypted data object is digested or hashed using a hash 
routine to generate a distinct data object. A hash routine generates a data string that is 
characteristic of the underlying data object that is subjected to the hash routine. The 
preferred hashing algorithm is SHA-1. There are several hashing routines or algorithms, 
such as SHA-1, that are suitable for use in the method according to the present invention. 
All of these hashing routines or algorithms share the following characteristics: 

• the underlying data object cannot be reproduced from the hashed data 
string (it is a one-way or irreversible process); 

• the routine produces a data string of fixed length; and 

• the routine will not yield the same data string for two different data objects. 

Hashing is sometimes referred to as a method of encryption, but this is inaccurate: the
very essence of encryption is that it can be decrypted or the process reversed. Hashing,
by its very nature, is not reversible. According to the preferred embodiment of the 
present invention, the hashing or digesting step may comprise application of a single 
hashing algorithm or routine to the encrypted data object and signature data. 
different hashing algorithms.

„;e.a„a*es.sna»c.a«*e„.oa.»-. — .o...**eon...^ 
l«.oa.e.p...pa..o,e™.*..c.p.e.P^.,a..o„«™*..^^^^^^^^^ 
„lon^aa.ao.ec.a„.o..e— o„o..eaa.ao.e«a„a..^ 

authentication data. 

n^..a«oc.aia,ra.aepicHng«a:.a««sbc^.eene„ 

,e.o„^..e.epsor.e.e.oaacco.n..o*ep..n.— M.....o*e 

Uea ™.oai.e. or *e p.se„. — - e„.^.on .a « steps 
pe.c™eao„..us.-sco.p....«--.ape.o.,oo.pu.,ao..e„.se.. 

e„..p.o„a„a«a.so.*n.ana.eepsa..o.aor.ee„c^Uo,.co— 

,..,.s ana a„V ... ..s use . ..e a..e„— ..en-aave.. *e 
.^.o„»a.as...a,son*n.a.e.e.ae«o„ana— ea..us.-ss.s.^^ 
«.conee™^en.of*e— .*eoH,.a,aa.o,ecns.asUea 

...ensenno.e«..eae.apa«...op.ese.e*eeo«o.*eoH... 
..a Cieo. . *U e„.o..en. *e ^.ea ^.a pa.. P— a.e e„c^«o„ .a 
.^.o.a.es*.SS«PS»~-"-.^---°''^"'-"~" 
data to user 19 to associate with or combine with the original data object.

Communication between user 19 and trusted third party 21 is accomplished in a
number of ways: through modem line, T1 line, frame relay link, or cable modem, or http
protocol (each with appropriate security). Trusted third party 21 maintains records of any
encryption keys, the encryption technique and hashing algorithm(s) for future use by the
party that later performs authentication of the document.

Figure 3 is a high-level flow chart depicting the steps of the authentication portion
of the method according to the present invention. To authenticate the data object, an
original copy, block 31, of the data object, identical to the first, is combined with
signature or authentication data, at block 33. The original copy of the data object and
signature or authentication data can be provided by the originator, or can be kept by the
trusted third party along with the encryption and/or hashing algorithms. After the copy
of the original data object is combined with the authentication or signature data, the
combination is encrypted in an identical fashion to the original, at block 35. At block
37, the resulting encrypted data object is then hashed or digested identically to the first,
and the resulting distinct data object is compared for identity with the original distinct
data object (the result of block 17 in Figure 1). If the two are identical, the
underlying data object (or the copy) is thus verified or authenticated. If not identical, the
data object or copy is not authenticated and cannot be trusted (i.e., the copy or document
purporting to be original has been altered and is not identical to the first or the
authentication data has been altered).
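
The signing steps of Figure 1 (blocks 13 to 17) and the verification steps of Figure 3 (blocks 33 to 37), as an added Python example that is not part of the patent text. RC5 and SHA-1 are the algorithms the description names; the RC5-32/12/16 parameters, ECB mode with padding, the length-prefixed combining step, and the names `issue`, `verify`, `KEY`, `DOC`, `STAMP` and `TOKEN` are assumptions made for the illustration.

```python
import hashlib, hmac, struct

M = 0xFFFFFFFF  # 32-bit word mask; the RC5-32/12/16 parameters are an assumption

def rotl(x, n):
    n &= 31
    return ((x << n) | (x >> (32 - n))) & M

def rc5_key_schedule(key, rounds=12):
    L = list(struct.unpack("<4I", key))      # 16-byte secret key as 4 LE words
    S = [(0xB7E15163 + i * 0x9E3779B9) & M for i in range(2 * rounds + 2)]
    A = B = i = j = 0
    for _ in range(3 * len(S)):              # mix the key into the round table
        A = S[i] = rotl((S[i] + A + B) & M, 3)
        B = L[j] = rotl((L[j] + A + B) & M, A + B)
        i, j = (i + 1) % len(S), (j + 1) % 4
    return S

def rc5_encrypt_block(S, block):
    A, B = struct.unpack("<2I", block)
    A, B = (A + S[0]) & M, (B + S[1]) & M
    for r in range(1, len(S) // 2):
        A = (rotl(A ^ B, B) + S[2 * r]) & M
        B = (rotl(B ^ A, A) + S[2 * r + 1]) & M
    return struct.pack("<2I", A, B)

def issue(key, data, stamp):
    """Blocks 13-17: combine, encrypt under the third party's key, hash."""
    # Block 13: length prefix keeps the data/stamp boundary unambiguous (assumed).
    combined = struct.pack(">Q", len(data)) + data + stamp.encode()
    pad = 8 - len(combined) % 8              # pad to the 8-byte block (assumed)
    combined += bytes([pad]) * pad
    S = rc5_key_schedule(key)
    # Block 15: deterministic ECB (assumed) so verification can repeat it exactly.
    ct = b"".join(rc5_encrypt_block(S, combined[i:i + 8])
                  for i in range(0, len(combined), 8))
    return hashlib.sha1(ct).hexdigest()      # block 17: the distinct data object

def verify(key, data, stamp, distinct):
    """Blocks 33-37: repeat the identical steps on the copy, then compare."""
    return hmac.compare_digest(issue(key, data, stamp), distinct)

# Constructed sample values; the time stamp format follows the page's example.
KEY = bytes(range(16))
DOC = b"Contract draft, revision 3"
STAMP = "22:13.02; 4 April 1998"
TOKEN = issue(KEY, DOC, STAMP)
```

Decryption is never needed, because verification only repeats the forward steps, so the encryption must be deterministic under the third party's key. SHA-1 is kept because the description names it; practical collisions against it have since been published.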

Figure 4 is a block diagram depicting elements and relationships between entities 

....oa.o„s.eps.epe.o™eaW..™-P^.pe.aps*ev.a.o.*e.e*^
oH..a.o.o.u.«,o.aco— of*e.o.THe.s:.c.<U.o.iec«.e.pu..o. 

of the comparator verifies the authenticity (or lack thereof).

.„ord.. to the preferred emho^^en. oC the present — , the ntethod ,s 
perforn.eaus.sso«wareres.en.on,heaoc^entor<.a.a„hiec.orisinator-scon,p.^^^ 
..eeno.p.on..«occurson.he.mstea..rapart..e„nrpn.er..hte.put 

.aresnUsheht.— teatoana.o..hetr.tea.h.apar..as.eser,heaa.^^^ 
..e recipient o^the "authenticatea" aata oh^ect can re,uest verification throng 
„stea thira par.., aepena.n. upon which o. the parties maintains the re,uis.te 

encrVpHon technique, hashin. aigori^n,, con.hination .ethod. a„a an. encryption ..s^ 
The method according to the present invention provides an improved method of
digitally signing or otherwise authenticating digital data objects. Because the hashing or
digesting step is one-way or irreversible, the encrypted portion of the signature is not
susceptible to unauthorized decryption, even by marked advances in computational
power. Because of this advantage, the trusted third party or vendor must keep scrupulous

.cordsoftbeencryp.onorcomb^Ste«,basbin.^^^^^^ 
employed in providing the signature or authentication data.

The invention has been described with reference to preferred embodiments thereof.
It is thus not limited, but is susceptible to variation and modification without departing
from the scope and spirit of the invention, which is defined by the claims, which follow.






PCT/US99/18824 

WO 00/13368 

TTLo. of sec.e.y assooiaHnS si^a- .^ta wi* o*« aa«, .he .eO,od 

comprising the steps of:

associating a data object with signature data; 

encrypting both the data object and the signature data; and

generating a distinct data object from the encrypted data object and signature data,
the distinct data object having characteristics determined by the data object and the
signature data.

2. The method according to claim 1, further comprising the step of:

delivering the distinct data object and signature data to a recipient party.

3. The method according to claim 2, further comprising the step of:

validating the distinct data object and signature data combination by:

associating a second data object, identical to the first, with the signature

encrypting the second data object and the signature data using an
encryption method identical to that employed in encrypting the first data object
and the signature data;

generating a second distinct data object from the encrypted second data
object and the signature data using a method identical to that employed in
generating the distinct data object; and

comparing the distinct and second distinct data objects for identity.

4. The method according to claim 1, wherein the signature data is provided by a trusted
party.

5. The method according to claim 1, wherein the encrypting step is performed using a
symmetric data encryption technique.

6. The method according to claim 1, wherein the step of generating the distinct data
object is performed using a hash routine.

7. A method of providing a time-stamp for a data object comprising the steps of: 

generating a distinct value for the data object; 

associating signature data with the distinct value to produce a signed data object; 
encrypting the signed data object; and 

generating a second distinct value from the encrypted signed data object, the
second distinct data object having characteristics of the encrypted signed data object.

8. The method according to claim 7, further comprising the step of:

delivering the second distinct data object and signature data to a recipient party.

9. The method according to claim 8, further comprising the step of:

validating the second distinct data object and signature data combination by:

generating a third distinct value, identical to the distinct value;

associating a second signature data, identical to the first, with the third
distinct value to produce a second signed data object; and

encrypting the second signed data object using an encryption method
identical to that employed in encrypting the first signed data object;

generating a fourth distinct value from the encrypted second signed data
object using a method identical to that employed in generating the second distinct
value; and

comparing the fourth distinct value and second distinct value for identity.

10. The method according to claim 7, wherein the signature data is provided by a trusted
party.

11. The method according to claim 7, wherein the encrypting step is performed using a
symmetric data encryption technique.

12. The method according to claim 7, wherein the step of generating the distinct value
is performed using a hash routine.

13. A method of providing a time-stamp for a data object comprising the steps of:

generating a distinct value for the data object by performing a hash routine on the
data object;

associating a time-stamp with the distinct value to produce a time-stamped data
object;

encrypting the time-stamped data object; and

generating a second distinct value from the encrypted time-stamped data object by
performing a hash routine on the encrypted time-stamped data object.

14. The method according to claim 13 further comprising the step of: 

delivering the second distinct data object and time-stamp to a recipient party. 

15. The method according to claim 13, further comprising the step of: 

validating the second distinct data object and time-stamp combination by:

generating a third distinct value, identical to the distinct value;

associating an identical time-stamp with the third distinct value to produce
a second time-stamped data object

encrypting the second time-stamped data object using the identical
encryption method;

generating a fourth distinct value from the encrypted second time-stamped
data object; and

comparing the fourth distinct value and second distinct value for identity.

16. The method according to claim 13, wherein the time stamp is provided by a trusted 
party. 

17. The method according to claim 13, wherein the encrypting step is performed using
a symmetric data encryption technique.